About “Worm.Win32.Pajetbin.gvy” infection

The Worm.Win32.Pajetbin.gvy is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Worm.Win32.Pajetbin.gvy virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Authenticode signature is invalid
  • Harvests cookies for information gathering
  • Anomalous binary characteristics

How to identify Worm.Win32.Pajetbin.gvy?


File Info:

name: 96AB209C0286DE9CEAE8.mlw
path: /opt/CAPEv2/storage/binaries/c28ba141cc4509436f765b0f7d8339d07c5c34eed83479340e445c6279ce62ee
type: PE32+ executable (GUI) x86-64, for MS Windows
timestamp: 2010-11-20 10:29:39

Version Info:

0: [No Data]

Worm.Win32.Pajetbin.gvy also known as:

Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (high confidence)
Alibaba: Worm:Win32/Pajetbin.97874683
CrowdStrike: win/malicious_confidence_60% (W)
Symantec: Trojan.Gen.2
APEX: Malicious
Paloalto: generic.ml
ClamAV: Win.Malware.Generic-9880088-0
Kaspersky: Worm.Win32.Pajetbin.gvy
Baidu: Win32.Trojan.VB.t
McAfee-GW-Edition: BehavesLike.Win64.Dropper.jh
Microsoft: Trojan:Win32/Wacatac.B!ml
GData: Win64.Trojan.Agent.GKH2H5
Cynet: Malicious (score: 100)
McAfee: Artemis!96AB209C0286
Malwarebytes: Malware.AI.2797890020
Rising: Worm.VB!1.DA3E (CLASSIC)
Fortinet: Malicious_Behavior.SB

How to remove Worm.Win32.Pajetbin.gvy?

Worm.Win32.Pajetbin.gvy removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
